Thursday, September 22, 2016

Create user account and set password with one command

I often see forum posts where a System Administrators, wants to create local user accounts on several servers and doesn't want to have to have to set the user's password over and over again. Below I share two ways to do this. The first way creates the user account and sets the password in one command. The second method sets the password in a additional command. Ether way can be used in a script, which can speed things up if you need to create one or more accout on servel systems.

Below is an example of creating a user account.
root@earth> useradd -u 25 -g staff -G ftp,users -m -d /export/home/newuser -c "newuser" -s /bin/bash newuser
root@earth> passwd newuser
passwd: Changing password for username
New Password:
Re-enter new Password:
passwd: password successfully changed for newuser

This method can be very time consuming process and would be hard to use in script. Below is an example of how using the -p option in the useradd command, to set the user's password by setting the uses hash.

root@earth> useradd -u 25 -g staff -G ftp,users -m -d /export/home/newuser -c "newuser" -s /bin/bash -p '6$jbvkjjg$qFmFH.bQmmtXzyBY0s9v7Oicd2z4XSIecDzlB5KiA2/jctKu9YterLp8wwnSq.qc.eoxqOmSuNp2xS0ktL3nh/' newuser

This method works on Linux computers, such as SLES and RHEL. It however doesn't work on systems such as Solaris.

Alternately you can also set the users by echoing the password to standard in, as shown below. The major issue with doing it this way is that the password is recorded in the system logs and if your running the command remotely then your sending the password in the clear. So I don't recomend doing it this way.
root@earth> echo password | passwd newuser --stdin

This method works only Linux systems.

Other posts with similar info
Linux User Account Creation & Customization
Adding a new user to a UNIX based system

References pages.
Online man page - useradd
Online man page - passwd

Thursday, September 15, 2016

Setting up NFS & automount on RHEL


I believe that any Linux or UNIX server should start a very minimal build. Meaning that a server should only have the programs or packages installed that are needed for the operation of the server. To make some of my servers a little more functional I decided to install NFS and automount. This is so users can automount home directories and  mount external shares.

Follow the steps below to install NFS and autofs, so you can mount the NFS shares and mount home directories. The example below is on a RHEL 6 server.


To be able to mount NFS share you will need the following packages.
autofs
nfs-utils
nfs-utils-lib

Dependencies:
Hesiod
keyutils
libgssglue
libtirpc
python-argparse
rpcbind

Install the packages
root@server> yum install autofs  nfs-utils  nfs-utils-lib

To enable NFS shares you must add them to the /etc/fstab file. Example below.
10.12.12.8:/share /export/share  nfs noauto,nosuid,nodev,noguid,noxattr,timeout,sloppy 0 0
10.12.12.6:/cifs  /export/cifs  nfs noauto,nosuid,nodev,noguid,noxattr,timeout,sloppy 0 0
repos:/linux_repos /export/repos   nfs auto,ro,nosuid,nodev,noguid,noxattr,timeout,sloppy 0 0

To setup the automount funtion you need to edit the auto.home and auto.master files.
 Add the hostname or IP address line to /etc/auto.home
*             10.10.10.2:/home/&

Add this line to /etc/auto.master
/export/home /etc/auto.home -nolock,nosuid,noguid,nodev,nobrowse,noxattr --timeout 10

Restart services
root@server> service autofs restart
root@server> service rpcbind start
root@server> service nfs start

Ensure that autofs starts at boot
root@server> chkconfig –list autofs

Make mount points
Make the mount pint for all the mount points listed in the /etc/fstab file..
root@server> mkdir /export/share
root@server> mkdir /export/cifs
root@server> mkdir /export/repos


Note- make sure any host names used are added to the /etc/hosts file.

After following the steps above evey should be working. test the configuration by loggingin or becoming a user with a non local home directory. Also try to mount the shares.
root@server> mount /export/share

Check to see if the mount was successful.
root@server> df -h | grep share
Filesystem            Size  Used Avail Use% Mounted on
10.12.12.8:/share  9.8G  1.9G  7.5G  20%   /export/share

Please let me know if you have any questions.